教程：在Spring Boot应用中集成OAuth 2.0认证

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
 
@Configuration
public class OAuth2ClientConfig {
 
    private ClientRegistrationRepository clientRegistrationRepository;
 
    public OAuth2ClientConfig(ClientRegistrationRepository clientRegistrationRepository) {
        this.clientRegistrationRepository = clientRegistrationRepository;
    }
 
    @Configuration
    public static class OAuth2LoginConfig extends WebSecurityConfigurerAdapter {
 
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http
                // 配置OAuth 2.0客户端注册
                .oauth2Login()
                // 添加一个GitHub客户端
                .clientRegistrationRepository(clientRegistrationRepository)
                .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
                // 自定义登录成功处理器
                .loginPage("/login")
                .redirectionEndpoint()
                .baseUri("/callback") // GitHub回调URI
                .and()
                // 自定义登录失败处理器
                .failureUrl("/login-error")
                .and()
                // 其他安全配置
                .and()
                .authorizeRequests()
                .anyRequest().authenticated()
                .and()
                .csrf().disable();
        }
    }
}

这个代码示例展示了如何在Spring Security中配置OAuth 2.0客户端注册和登录流程。它定义了一个ClientRegistrationRepository，并在OAuth2LoginConfig配置类中通过继承WebSecurityConfigurerAdapter来重写configure方法，以便配置OAuth 2.0登录特性。代码中包含了如何指定授权类型、自定义登录页面以及定义回调URI和错误处理页面的示例。